Joseph L.Greathouse

Title

Conference

Published in the Proceedings of the 2017 IEEE/ACM International Symposium on Code Generation and Optimization
(CGO 2017), February, 2017 (acceptance rate: 26/114 ≈ 23%)

Authors

Christopher Erb, Mike Collins, Joseph L. Greathouse

Abstract

Buffer overflows are a common source of program crashes, data corruption, and security problems.
In this work, we demonstrate that GPU-based workloads can also cause buffer overflows, a problem that was
traditionally ignored because CPUs and GPUs had separate memory spaces. Modern GPUs share virtual, and
sometimes physical, memory with CPUs, meaning that GPU-based buffer overflows are capable of producing the
same program crashes, data corruption, and security problems as CPU-based overflows. While there are many
tools to find buffer overflows in CPU-based applications, the shift towards GPU-enhanced programs has
expanded the problem beyond their capabilities.

This paper describes a tool that uses canaries to detect buffer overflows caused by GPGPU kernels.
It wraps OpenCL API calls and alerts users to any kernel that writes outside of a memory buffer.
We study a variety of optimizations, including using the GPU to perform the canary checks, which
allow our tool to run at near application speeds. The resulting runtime overhead, which scales with the
number of buffers used by the kernel, is 14% across 175 applications in 16 GPU benchmark suites.
In these same suites, we found 13 buffer overflows in 7 benchmarks.